Docket No. 251114US2SRD 

IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 
IN RE APPLICATION OF: Nobuo SAKIYAMA, et al. • 

SERIAL NO: New Application GAU: 
FILED: Herewith EXAMINER: 

FOR: COMMUNICATION GATEWAY APPARATUS, COMMUNICATION GATEWAY METHOD, AND PROGRAM 

PRODUCT 

INFORMATION DISCLOSURE STATEMENT UNDER 37 CFR 1.97 

COMMISSIONER FOR PATENTS 
ALEXANDRIA VIRGINIA 22313 

SIR: 

Applicant(s) wish to disclose the following information. 
REFERENCES 

□ The applicant(s) wish to make of record the references listed on the attached form PTO-1449. Copies of the listed 
references are attached, where required, as are either statements of relevancy or any readily available English 
translations of pertinent portions of any non-English language references. 

□ A check or credit card payment form is attached in the amount required under 37 CFR §1 .17(p). 
RELATED CASES 

□ Attached is a list of applicant's pending application(s) or issued patent(s) which may be related to the present 
application. A copy of the patent(s), together with a copy of the claims and drawings of the pending application(s) 
is attached along with PTO 1449. 

□ A check or credit card payment form is attached in the amount required under 37 CFR §1.1 7(p). 
CERTIFICATION 

□ Each item of information contained in this information disclosure statement was first cited in any communication 
from a foreign patent office in a counterpart foreign application not more than three months prior to the filing of 
this statement. 

□ No item of information contained in this information disclosure statement was cited in a communication from a 
foreign patent office in a counterpart foreign application or, to the knowledge of the undersigned, having made 
reasonable inquiry, was known to any individual designated in 37 CFR § 1.56(c) more than three months prior to 
the filing of this statement. 

DEPOSIT ACCOUNT 

□ Please charge any additional fees for the papers being filed herewith and for which no check or credit card 
payment is enclosed herewith, or credit any overpayment to deposit account number 15-0030 . A duplicate copy of 
this sheet is enclosed. 

Respectfully submitted, 

OBLON, SPIVAK, McCLELLAND, 
MAIER & NEUSTADT, P.C. 

Marvin J. Spivak 
Registration No. 24,9 1 3 

C. Irvin McClelland 
Registration Number 21,124 



Customer Number 

22850 

Tel. (703)413-3000 
Fax. (703) 413-2220 
(OSMMN 05/03) 



DOCKET NO.:251114US2SRD 



page _J_ of _2_ 



IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 

IN RE APPLICATION OF: Nobuo SAKIYAMA, et al. 
SERIAL NO.: New Application 
FILED: Herewith 

FOR: COMMUNICATION GATEWAY APPARATUS, COMMUNICATION 

GATEWAY METHOD, AND PROGRAM PRODUCT 

STATEMENT OF RELEVANCY 

Reference AO (2003-513349) of Form PTO-1449: 

This discloses a proxy sever which has a similar purpose. But the verification of 
scripts is done by executing scripts on an interpreter in a simulated environment, and the 
execution time of the verification does not have an upper bound. 

Reference AP (2003-504723) of Form PTO-1449: 

This discloses a proxy server which has a similar purpose. But behavior of scripts is 
not verified. 

Reference AU of Form PTO-1449: 

This reference describes a product which implements above two patent applications. 

Reference AV of Form PTO-1449: 

This paper relates a proxy server which has similar purpose. But verification is done 
not on responses from servers, but on requests from clients, and administrators need to create 
a policy description on every web pages. 

Reference AW of Form PTO-1449: 

This describes a method of mitigating cross-site scripting with cookies which has a 
special attribute that specifies a cookie is not accessible through scripts. But that method 
needs a specific Web browser, and cannot completely eliminate the danger of cross-site 
scripting. 
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Reference AX of Form PTO-1449: 

This press release describes that "Norton Personal Firewall 2002" has a new personal 
data protection feature which prevents Web browsers from sending data in cookies against 
the will of the user. But that feature does not take account of the policy of Web sites. 

Reference AY of Form PTO-1449: 

This includes an explanation of cross-site scripting vulnerability, a statistic 
investigation of the vulnerability on production systems, and a proposal of site construction 
method mitigating the vulnerability. But that proposal even does not try to detect specific 
attacks. 

Reference AZ of Form PTO-1449: 

Section 1 - 2 of this textbook describes programming techniques that are needed for 
writing web applications which does not have cross-site scripting vulnerability. But those 
techniques cannot be applicable to Web sites which do not have source codes of Web 
applications. 
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